This week's articles
Defending Infrastructure as Code in GitHub Enterprise
Paper examining a common deployment of infrastructure as code via GitHub Enterprise and HashiCorp Terraform, explores an attack scenario, examines attacker tradecraft within the context of the MITRE ATT&CK framework, and makes recommendations for defensive controls and intrusion detection techniques.
#ci/cd
#defend
Initial Reaction to AWS Audit Manager
AWS Audit Manager is not quite there yet. The intent of the service is clear and you can begin to see the foundation of what this service could be. There are a few gaps that AWS Audit Manager will have to continue to improve upon to make this service usable for its customers.
#aws
#explain
Learn How To Create Network Policies for Kubernetes
Tutorial that will teach you how to create a network policy using the Cilium Editor. It explains basic network policy concepts and guides you through the steps needed to achieve the desired least-privilege security policy.
#k8s
#build
Wait Conditions in the Kubernetes Provider for HashiCorp Terraform
HashiCorp recently improved the wait_for configurations on several resources, as well as introduced an entirely new generic waiter. The new and improved configuration options allow you to specify whether Terraform should wait for a specific condition, or not, before continuing to apply your configuration or complete successfully.
#terraform
#build
|